Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp3889931ybi; Fri, 19 Jul 2019 10:49:04 -0700 (PDT) X-Google-Smtp-Source: APXvYqyHmzQC/3KhBkn+XaQ1WTQgiCQE2WoSEcE565C429nvUQxOQlXeLdlpcSAMSuICScHQMo4M X-Received: by 2002:a17:902:bcc4:: with SMTP id o4mr57206341pls.90.1563558544348; Fri, 19 Jul 2019 10:49:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1563558544; cv=none; d=google.com; s=arc-20160816; b=G2O3WQ90e9YwJxYqJrh8qcO+XZN4+TamOX4TzWGcdSWD0eidKsAi3Qlo/zYmT6sIT9 2rpuyPilfADlQb3uFiHwxpM5OH/sByn4zKon1m2PC9DQi0jGaNFUES29lMfWoEhkkhe4 Gb74fjXKS+loc2L4tMN6JD85RLMb4xDcTB9BrB0kJZwZ+7bFl+Ka6n7mW8CUVT6TP3/0 bGvclhUM3YQZZgFpj/hVMd6KDvcB4c7n9YgniW1/Pm/9Nft5dQsWrUVboGX6wuMbhwrA JDf4dt5Cve8lHWINU5JQP4lJ46CCz7oF//s6ZSGY2u6alD1AanoXvy58IB/djMk7wSPI 3pjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:references:message-id :content-transfer-encoding:cc:date:in-reply-to:from:subject :mime-version:dkim-signature; bh=PdRVJYMKZyuR04Jtd0bhLu62MengDRxfpO0Ujclc4Yc=; b=OmjA1ruI6VNsbSqMvfpEPWHdSZCzS6GpXrmJYCCT73Pgye7ZiUy3+HJ37eHFi2gLv+ hxPPXZ8+0skVOu1IjQqh+Yf+xDCTHwd6IOWG55k7DOpZrA4TBD50bkZE6Cx3gtnJWJKf PS72cq8Xc040Ghqda+RNbHfTzjcK+5Gh95Hh5ppCztdFaygJ35HsxJTVhZFpb/YHyXCG 1GwzDj2GSyOU06zXxi45utz3OFfMoGTOF2tejVXONzECjVzI+OvYrE+YWyACSc58hC3X AIBSO8vrxpLytQ8PCjDnICPBpSQ7QolxEv9kswMK6w77i7Eu9otYFg3jjnKqOGVGm3yu Br8A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=MzWExJYA; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h11si28603022pjb.98.2019.07.19.10.48.48; Fri, 19 Jul 2019 10:49:04 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=MzWExJYA; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729158AbfGSRkQ (ORCPT + 99 others); Fri, 19 Jul 2019 13:40:16 -0400 Received: from mail-io1-f67.google.com ([209.85.166.67]:36083 "EHLO mail-io1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726243AbfGSRkQ (ORCPT ); Fri, 19 Jul 2019 13:40:16 -0400 Received: by mail-io1-f67.google.com with SMTP id o9so60139798iom.3 for ; Fri, 19 Jul 2019 10:40:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=PdRVJYMKZyuR04Jtd0bhLu62MengDRxfpO0Ujclc4Yc=; b=MzWExJYAEzzbpyMApm296Qq5Hxox5HHH9vzMtgdxFwpIs8cMfZNXP+CKk1xGirwqxc b5hqpuO6R5U6h626xnidcBcgIRC+bV4FQxfbfAicUNqsZ0IrIgQMC8BdfokeYkXnYl3V kU2Dj26gLYG07Gl7NVFPCAjgSBMtec40vr6RZyNiLp37BqBxQdKMRXKElhLMgyJppxeH 0A9oMcHOuvKR4r7a2tG/jlqPlSXtqTbOp+FaBq2c5Z0J4qEE4PBucy8vEWj/XcrVA3oD lCBTwEiPnuQ0IvyaQvk8M2HNvbE4k0bYP3eDEwhcXQr0CUhfxrJEuXeoNsTn+d9T9GNj aGyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=PdRVJYMKZyuR04Jtd0bhLu62MengDRxfpO0Ujclc4Yc=; b=ZbILM/xcs2p2wuNQNK4Cv9RGNS/Oa+f9bnpl/O2WiX/C5LZbXYQK8uR8m85KQQ5LcB uvWmV4WGzB+uHUxekDHRA96e9hDtoSsciLWDjzc1VPlq5Ru0wTD/+PzSgaiGkkEWEx0O 3za1qTfIt3Rt1nFKYbZgM4Qq76pBWcR4iY6E+LUgys7XJ/jxeOEVzMcZfq+aUXg7zwQx ThAcbdc9UlqJKZxT2Wclj7FTEqMTfAj2ISQ8WOiDw8Xdha8ifl0/KZhViuUobUwKkych rJ2q4qjZikTtthHi46pkOvlWiiGuqcY5duajqiEql3Mli9TwRpjEAvv6rSCvuNbaLeu+ oRtw== X-Gm-Message-State: APjAAAUhaZ1qylWwfnNozHWBwAB8rKVTgk15dc4mSEJl2L3CG25kOiBE gz6mCE3UkJ+2FTsECEKwxVzsYs1uIWg= X-Received: by 2002:a02:13c3:: with SMTP id 186mr55698264jaz.30.1563558015488; Fri, 19 Jul 2019 10:40:15 -0700 (PDT) Received: from ?IPv6:2600:1007:b101:1239:e89f:3ba2:18ab:b874? ([2600:1007:b101:1239:e89f:3ba2:18ab:b874]) by smtp.gmail.com with ESMTPSA id s24sm27177022ioc.58.2019.07.19.10.40.14 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 19 Jul 2019 10:40:14 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (1.0) Subject: Re: [5.2 REGRESSION] Generic vDSO breaks seccomp-enabled userspace on i386 From: Andy Lutomirski X-Mailer: iPhone Mail (16F203) In-Reply-To: <20190719170343.GA13680@linux.intel.com> Date: Fri, 19 Jul 2019 13:40:13 -0400 Cc: Thomas Gleixner , Andy Lutomirski , Vincenzo Frascino , x86@kernel.org, linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Message-Id: <19EF7AC8-609A-4E86-B45E-98DFE965DAAB@amacapital.net> References: <20190719170343.GA13680@linux.intel.com> To: Sean Christopherson , keescook@chromium.org Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > On Jul 19, 2019, at 1:03 PM, Sean Christopherson wrote: >=20 > The generic vDSO implementation, starting with commit >=20 > 7ac870747988 ("x86/vdso: Switch to generic vDSO implementation") >=20 > breaks seccomp-enabled userspace on 32-bit x86 (i386) kernels. Prior to > the generic implementation, the x86 vDSO used identical code for both > x86_64 and i386 kernels, which worked because it did all calcuations using= > structs with naturally sized variables, i.e. didn't use __kernel_timespec.= >=20 > The generic vDSO does its internal calculations using __kernel_timespec, > which in turn requires the i386 fallback syscall to use the 64-bit > variation, __NR_clock_gettime64. This is basically doomed to break eventually, right? I=E2=80=99ve occasionally considered adding a concept of =E2=80=9Cseccomp al= iases=E2=80=9D. The idea is that, if a filter returns anything other than A= LLOW, we re-run it with a different nr that we dig out it a small list of su= ch cases. This would be limited to cases where the new syscall does the same= thing with the same arguments. I want this for restart_syscall: I want to renumber it. Kees?